5 Jan 2021
Bulletproof TLS Newsletter is a free periodic newsletter bringing you commentary and news surrounding SSL/TLS and Internet PKI, designed to keep you informed about the latest developments in this space. Received monthly by more than 50,000 subscribers. Maintained by Hanno Böck.
The Let’s Encrypt certificate authority is facing a challenging situation with its upcoming planned certificate switch.
Let’s Encrypt originally started with an intermediate certificate that was cross-signed by a root certificate owned by the IdenTrust certificate authority, but this root certificate, called DST Root CA X3, will expire in September 2021.
Let’s Encrypt has its own root certificate (called ISRG Root X1) and can issue its own intermediates. But given that the ISRG root certificate is newer, it isn’t as widely preinstalled on devices and operating systems. In particular, older Android versions—which are in widespread use—do not have it preinstalled.
To circumvent these problems, Let’s Encrypt now intends to get a new cross-signed intermediate from IdenTrust’s expiring root certificate. This is unusual, as the new intermediate would be valid longer than the root certificate issuing it. However, this still guarantees compatibility because in Android the certificate validation is implemented in a way that doesn’t check the expiration date of the preinstalled root certificates.
The new intermediate will not directly sign end-entity certificates. Instead, it will indirectly sign the current Let’s Encrypt intermediate certificate, R3. This ensures that clients that know the Let’s Encrypt ISRG root certificate and that check the expiration dates of root certificates will still accept the certificate chain. The downside of this approach is that the chain will contain two certificates, creating additional traffic overhead.
Let’s Encrypt plans to offer alternative certificate chains so that clients can choose between a smaller chain and the longer chain that provides compatibility with older Android devices.
This subscription is just for the newsletter; we won't send you anything else.
Designed by Ivan Ristić, the author of SSL Labs, Bulletproof TLS and PKI, and Hardenize, our course covers everything you need to know to deploy secure servers and encrypted web applications.
Remote and trainer-led, with small classes and a choice of timezones.
Join over 1,500 students who have benefited from more than a decade of deep TLS and PKI expertise.